php Docker上的Wordpress使用SSL支持nginx反向代理

mkshixfv  于 2023-01-16  发布在  PHP
关注(0)|答案(2)|浏览(158)

我的问题是,
我需要在一个子目录url(“www.example.com“)上安装一个wordpress应用程序https://test.com/blog/,因为我的整个环境都运行在Docker上,所以我决定对wordpress应用程序做同样的事情。
为了尽可能简单地启动它,我将wordpress图像添加到我的docker-compose.yml中,并http://blog.test.com使用nginx反向代理在应用程序上创建一个子域(“www.example.com“,它没有使用https)。
它运行良好,我安装了我的wordpress这样。
现在我正试着把它移植到我最初的需求中,我的问题是一切都运行得很好,除非我不能访问管理URL(https://test.com/blog/admin),因为它在https://test.com/blog/wp-admin上保持重定向,我得到了一个“太多重定向”的错误。
下面是我的nginx配置:

server {
  listen 80 default_server;
  listen [::]:80 default_server;
  server_name test.com;
  return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;
    server_name test.com;

    error_log /var/log/nginx/test_error.log;
    access_log /var/log/nginx/test_access.log;

    location /blog/ {
        auth_basic "Restricted";
        auth_basic_user_file /etc/nginx/test-htpasswd;
        proxy_pass http://127.0.0.1:8090;
        proxy_http_version 1.1;
        proxy_buffering off;
        proxy_read_timeout    90;
        proxy_connect_timeout 90;
        proxy_redirect        off;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $proxy_connection;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Ssl $proxy_x_forwarded_ssl;
        proxy_set_header X-Forwarded-Port 443;

    # Mitigate httpoxy attack (see README for details)
           proxy_set_header Proxy "";
    }

    location / {
        auth_basic "Restricted";
        auth_basic_user_file /etc/nginx/test-htpasswd;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:8082;
    }

    ssl_certificate /etc/letsencrypt/live/test.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/test.com/privkey.pem; # managed by Certbot

    add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
}

我还在wordpress容器中的wp-config.php文件的顶部添加了以下内容:

define('FORCE_SSL_ADMIN', true);

if($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'){

    $_SERVER['HTTPS'] = 'on';
    $_SERVER['SERVER_PORT'] = 443;
}

define('WP_HOME','https://test.com/blog/');
define('WP_SITEURL','https://test.com/blog/');

我注意到的是,如果我尝试通过执行以下操作来打印**$_SERVER**变量
变量转储($_服务器);
在wp-config.php中,没有任何nginx代理变量。
下面是输出:

array(42) { 
["REDIRECT_STATUS"]=> string(3) "200" 
["HTTP_HOST"]=> string(15) "test.com"
["HTTP_X_REAL_IP"]=> string(15) "itsmyip"
["HTTP_CONNECTION"]=> string(5) "close"
["HTTP_CACHE_CONTROL"]=> string(9) "max-age=0"
["HTTP_UPGRADE_INSECURE_REQUESTS"]=> string(1) "1"
["HTTP_USER_AGENT"]=> string(104) "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36"
["HTTP_SEC_FETCH_USER"]=> string(2) "?1"
["HTTP_ACCEPT"]=> string(124) "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"
["HTTP_SEC_FETCH_SITE"]=> string(4) "none"
["HTTP_SEC_FETCH_MODE"]=> string(8) "navigate"
["HTTP_ACCEPT_ENCODING"]=> string(17) "gzip, deflate, br"
["HTTP_ACCEPT_LANGUAGE"]=> string(35) "fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7"
["HTTP_COOKIE"]=> string(547) "_lfa=eyJYYnAxb2FFR2RSazdFZFZqIjoiTEYxLjEuNGFiNTNhYjI1ZWMwNDE3MS4xNTk1OTM2MTk5MjIyIn0%3D; _ga=GA1.2.1198854717.1595936200; _gid=GA1.2.2083987609.1595936200; _hjid=51fe1835-b72b-4957-873f-dc4147a455fc; _hjIncludedInSample=1; _fbp=fb.1.1595936200807.1293959861; __zlcmid=zPjJja34jXiPWc; PHPSESSID=bo5jv9md5j6kmtomigjgi2bdnl; REMEMBERME=VGhpdmVvXENvcmVCdW5kbGVcRW50aXR5XFVzZXI6Y21Gd2FHRmxiQzV3WlhKamFHVmpLM1JsYzNSaGNtTm9hVzFsWkdWQVoyMWhhV3d1WTI5dDoxNjI3NDcyMjI1Ojg5MWY3ZGM1M2QyMmQyNzdiNWI3MjQ5NTY4NThkZWE5MWIxYmU2NjUzM2EzMmQ5Yzc5MzFjOWJmM2E4ZDliNjk%3D" ["PATH"]=> string(60) "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
["SERVER_SIGNATURE"]=> string(76) "
Apache/2.4.38 (Debian) Server at test.com Port 80
" 
["SERVER_SOFTWARE"]=> string(22) "Apache/2.4.38 (Debian)"
["SERVER_NAME"]=> string(15) "test.com"
["SERVER_ADDR"]=> string(11) "itsmyip"
["SERVER_PORT"]=> string(2) "80"
["REMOTE_ADDR"]=> string(15) "itsmyip"
["DOCUMENT_ROOT"]=> string(13) "/var/www/html"
["REQUEST_SCHEME"]=> string(4) "http"
["CONTEXT_PREFIX"]=> string(0) "
" ["CONTEXT_DOCUMENT_ROOT"]=> string(13) "/var/www/html"
["SERVER_ADMIN"]=> string(19) "webmaster@localhost"
["SCRIPT_FILENAME"]=> string(23) "/var/www/html/index.php"
["REMOTE_PORT"]=> string(5) "38136"
["REDIRECT_URL"]=> string(12) "/blog/"
["GATEWAY_INTERFACE"]=> string(7) "CGI/1.1"
["SERVER_PROTOCOL"]=> string(8) "HTTP/1.0"
["REQUEST_METHOD"]=> string(3) "GET"
["QUERY_STRING"]=> string(0) ""
["REQUEST_URI"]=> string(12) "/blog/"
["SCRIPT_NAME"]=> string(10) "/index.php"
["PHP_SELF"]=> string(10) "/index.php"
["REQUEST_TIME_FLOAT"]=> float(1595941685.61)
["REQUEST_TIME"]=> int(1595941685)
["argv"]=> array(0) { } 
["argc"]=> int(0)

你知道吗?

dw1jzc5e

dw1jzc5e1#

实际上我找到了解决方法!我在我的nginx配置中有一个错误,如果有人感兴趣,这里是我的最终工作配置:
nginx. conf文件(wordpress块):

location /blog/ {
        proxy_pass http://127.0.0.1:8093/;
        proxy_http_version 1.1;
        proxy_buffering off;
        proxy_read_timeout    90;
        proxy_connect_timeout 90;
        proxy_redirect        off;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Port 443;
        proxy_set_header Proxy "";
    }

下面是我添加在我的WordPress容器的wp_config. php文件的顶部:

define('FORCE_SSL_ADMIN', true);

$_SERVER['REQUEST_URI'] = str_replace("/wp-admin/", "/blog/wp-admin/",  $_SERVER['REQUEST_URI']);

if($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'){

    $_SERVER['HTTPS'] = 'on';
    $_SERVER['SERVER_PORT'] = 443;
}

define('WP_HOME','https://test.com/blog/');
define('WP_SITEURL','https://test.com/blog/');

干杯!

ycl3bljg

ycl3bljg2#

@程序是寿命:你的伎俩做我,但与博客本身。但每当我登录到博客,提交WP用户名和密码后,网页送我无处。

相关问题